U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

NISTIR 8320C (Draft)

Hardware-Enabled Security: Machine Identity Management and Protection

Date Published: April 20, 2022
Comments Due: June 6, 2022 (public comment period is CLOSED)
Email Questions to: hwsec@nist.gov


Michael Bartock (NIST), Murugiah Souppaya (NIST), Mourad Cherfaoui (Intel), Jing Xie (Venafi), Paul Cleary (Venafi)


The initial public draft of NIST IR 8320C presents an approach for overcoming security challenges associated with creating, managing, and protecting machine identities, such as cryptographic keys, throughout their lifecycle. 


NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



confidential computing; cryptographic key; hardware-enabled security; hardware security module (HSM); machine identity; machine identity management; trusted execution environment (TEE)
Control Families

None selected


NISTIR 8320C (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
04/20/22: NISTIR 8320C (Draft)


Security and Privacy
audit & accountability; program management

cloud & virtualization